Internal Audit

Objectives & Practice

Internal Audit Objectives

The audit objectives of the Internal Audit Office are founded on the annual audit plan. The annual audit plan is derived from the City of El Paso Internal Audit Charter and the annual audit plan identifies risks in the areas of:

  • Compliance
  • Financial
  • Operational
  • Reporting
  • Strategic

The Internal Audit Office’s role is further defined in the Institute of Internal Auditors definition of internal auditing:

Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization's operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.

Audit objectives are accomplished in accordance with the

  • Institute of Internal Auditor's (IIA) Code of Ethics
  • International Standards for the Professional Practice of Internal Auditing
  • Generally Accepted Governmental Audit Standards
  • Generally Applicable and Accepted Information Systems Audit & Control Association Information Technology Control Practice Standards including Control Objectives for Information and Related Technology (CoBIT).

Accordingly, within the framework of the City Internal Audit Charter we bring a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control and the governance processes.

Internal Audit Practice Standards

The International Standards for the Professional Practice of Internal Auditing are the criteria by which the operations of an internal audit office are evaluated and measured. Within the International Professional Practices Framework there are three sets of standards:

  • Attribute Standards: address the attributes of organizations and individuals performing internal audit services.
  • Performance Standards: describe the nature of internal audit services and provide quality criteria against which the performance of these services can be measured.
  • Implementation Standards: provide guidance applicable in specific types of engagements.

Along with these standards are The Code of Ethics which states the principles and expectations governing the behavior of individuals and organizations in the conduct of internal auditing. It describes the minimum requirements for conduct, and behavioral expectations rather than specific activities.

IIA Code of Ethics

The Code of Ethics states the principles and expectations governing the behavior of individuals and organizations in the conduct of internal auditing. It describes the minimum requirements for conduct, and behavioral expectations rather than specific activities.

Code Of Ethics – Principles & Rules of Conduct

Internal auditors are expected to apply and uphold the following principles and rules of conduct:

  1. Integrity: establishes trust and provides the basis for reliance on their judgment.
    • Shall perform their work with honesty, diligence, and responsibility
    • Shall observe the law and make disclosures expected by the law and the profession.
    • Shall not knowingly be a party to any illegal activity, or engage in acts that are discreditable to the profession of internal auditing or to the organization.
    • Shall respect and contribute to the legitimate and ethical objectives of the organization.
  2. Objectivity: make a balanced assessment of all the relevant circumstances and are not unduly influenced by their own interests or by others in forming judgments. Exhibit the highest level of professional objectivity in gathering, evaluating, and communicating information.
    • Shall not participate in any activity or relationship that may impair or be presumed to impair their unbiased assessment. This participation includes those activities or relationships that may be in conflict with the interests of the organization.
    • Shall not accept anything that may impair or be presumed to impair their professional judgment.
    • Shall disclose all material facts known to them that, if not disclosed, may distort the reporting of activities under review.
  3. Confidentiality: respect the value and ownership of information they receive and do not disclose information without appropriate authority unless there is a legal or professional obligation to do so.
    • Shall be prudent in the use and protection of information acquired in the course of their duties.
    • Shall not use information for any personal gain or in any manner that would be contrary to the law or detrimental to the legitimate and ethical objectives of the organization
  4. Competency: apply the knowledge, skills, and experience needed in the performance of internal audit services.
    • Shall engage only in those services for which they have the necessary knowledge, skills, and experience.
    • Shall perform internal audit services in accordance with the International Standards for the Professional Practice of Internal Auditing (Standards).
    • Shall continually improve their proficiency and the effectiveness and quality of their services.